The Best of GRC Thought Leadership
Enjoy the latest in risk and compliance thought
leadership from the team at 6clicks.
ISO 27001 2022 - what has changed?
The latest version, ISO 27001 2022 was released on October 25. It replaces the 2013 version of ISO 27001. Let’s find out what the key changes are and how the latest revision to..
6 cybersecurity frameworks for improving cyber health
Cybersecurity frameworks are a vital tool for organizations looking to improve their cyber health. A cybersecurity framework provides a set of guidelines and best practices for..
Setting the information security policy for ISO 27001
The Information Security policy is an important and mandatory document for ISO 27001 implementation. Several organisations struggle with creating a useful information security..
Responsibilities of top management for ISO 27001 implementation
One of the reasons why ISO implementation fails in some organisations is because the top management does not understand why the implementation is necessary and how exactly it..
How long should your Information Security policy be?
An Information Security Policy is at the centre of the information security program at an organization. It is also an important requirement for ISO 20071 certification.
Statement of applicability in ISO 27001 – What is it and why does it matter?
The Statement of Applicability (SOA) is an important document in ISO 27001. But it’s not just the auditor who would want to see the SOA. It can be asked for by any stakeholder who..
The best way to define the scope in ISO 27001
Defining the ‘scope’ for ISMS (Information Security Management System) is one of the most important and basic requirements for implementing the ISO 27001 standard. While it looks..
Responding to Australia's new critical infrastructure laws
Australia's critical infrastructure laws have been expanded and updated to apply to more sectors. Are you operating a critical asset within one of these critical infrastructure..
9 steps to prepare for your first ISO 27001 audit
ISO 27001 Overview ISO 27001 is an information security standard created and regulated by the International Organisation for Standardisation (ISO). As it isn’t a legally mandated..